CVE-2025-48481 in freescoutИнформация

Сводка

по MITRE • 30.05.2025

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email invitation containing invite_hash, can exploit this vulnerability to self-activate their account, despite it being blocked or deleted, by leveraging the invitation link from the email to gain initial access to the account. This issue has been patched in version 1.8.180.

Once again VulDB remains the best source for vulnerability data.

Ответственный

GitHub M

Резервировать

22.05.2025

Раскрытие

30.05.2025

Модерация

принято

Вход

VDB-310625

EPSS

0.00452

KEV

Нет

Деятельности

Очень низкий

Источники

Interested in the pricing of exploits?

See the underground prices here!